From 98ebbcfbd3434e296b930a5aee33d4c86d7062a8 Mon Sep 17 00:00:00 2001
From: Toast <toast003@tutamail.com>
Date: Thu, 2 Jan 2025 20:32:06 +0100
Subject: [PATCH 1/4] Server/minecraft: remove

---
 roles/server/default.nix   |  1 -
 roles/server/minecraft.nix | 34 ----------------------------------
 2 files changed, 35 deletions(-)
 delete mode 100644 roles/server/minecraft.nix

diff --git a/roles/server/default.nix b/roles/server/default.nix
index 7b3787d..2ad30f6 100755
--- a/roles/server/default.nix
+++ b/roles/server/default.nix
@@ -14,7 +14,6 @@
     ./headscale.nix
     ./caddy.nix
     ./rust_motd.nix
-    ./minecraft.nix
     ./adguard.nix
     ./changedetection-io.nix
   ];
diff --git a/roles/server/minecraft.nix b/roles/server/minecraft.nix
deleted file mode 100644
index 1db04a1..0000000
--- a/roles/server/minecraft.nix
+++ /dev/null
@@ -1,34 +0,0 @@
-{
-  pkgs,
-  lib,
-  ...
-}: {
-  nixpkgs.config.allowUnfreePredicate = pkg:
-    builtins.elem (lib.getName pkg) [
-      "minecraft-server"
-    ];
-
-  users.users.toast.extraGroups = ["minecraft"];
-
-  services.minecraft-servers = {
-    enable = true;
-    eula = true;
-    openFirewall = true;
-    servers = {
-      vrlocals = {
-        enable = true;
-        package = pkgs.fabricServers.fabric-1_20_1;
-        jvmOpts = "-Xmx8G";
-        serverProperties = {
-          motd = "\\u00A7aBigChadGuys \\u00A7lPlus \\u00A7a(w/Cobblemon!) v2.8.1\\u00A7r\\n\\u00A76Have fun!";
-          server-port = 25565;
-          level-seed = "-1450714289616987871";
-          white-list = true;
-          spawn-protection = 0;
-          enable-command-block = true;
-          sync-chunk-writes = false;
-        };
-      };
-    };
-  };
-}

From 21c8f8c7e4e4a7e54a9a437e1293b28a9d3aa4e0 Mon Sep 17 00:00:00 2001
From: Toast <toast003@tutamail.com>
Date: Thu, 2 Jan 2025 21:24:50 +0100
Subject: [PATCH 2/4] Machines/Everest: remove unneeded firewall options

---
 machines/Everest/configuration.nix | 7 -------
 1 file changed, 7 deletions(-)

diff --git a/machines/Everest/configuration.nix b/machines/Everest/configuration.nix
index fdacf1b..49e1805 100755
--- a/machines/Everest/configuration.nix
+++ b/machines/Everest/configuration.nix
@@ -53,11 +53,4 @@
       };
     };
   };
-
-  # Open ports in the firewall.
-  # No idea what ports 5201 and 21027 do tho
-  networking.firewall.allowedTCPPorts = [5201];
-  networking.firewall.allowedUDPPorts = [5201 21027];
-  # Or disable the firewall altogether.
-  # networking.firewall.enable = false;
 }

From 74ed35e5f4608d965a92efd0692174c3e9cda72f Mon Sep 17 00:00:00 2001
From: Toast <toast003@tutamail.com>
Date: Thu, 2 Jan 2025 22:51:52 +0100
Subject: [PATCH 3/4] Server/caddy: adjust systemd restart parameters

---
 roles/server/caddy.nix | 3 ++-
 1 file changed, 2 insertions(+), 1 deletion(-)

diff --git a/roles/server/caddy.nix b/roles/server/caddy.nix
index f7697fc..0f2edea 100644
--- a/roles/server/caddy.nix
+++ b/roles/server/caddy.nix
@@ -64,7 +64,8 @@ in {
     # ages to boot up. If I don't add a delay, caddy tries to bind to
     # the tailscale interface before it's ready, making it crash too much
     # in too little time
-    services.caddy.serviceConfig.RestartSec = lib.mkForce "240s";
+    services.caddy.serviceConfig.RestartSec = lib.mkForce "120s";
+    services.caddy.unitConfig.StartLimitBurst = lib.mkForce "infinity";
   };
   programs.rust-motd.settings.service_status.Caddy = "caddy";
   networking.firewall.allowedTCPPorts = [443 80];

From a275c8d43e35bdea4e0af6a6351766c7e4da7b62 Mon Sep 17 00:00:00 2001
From: Toast <toast003@tutamail.com>
Date: Thu, 2 Jan 2025 22:59:37 +0100
Subject: [PATCH 4/4] Common/syncthing: open firewall ports

---
 roles/common/services/syncthing.nix | 4 ++++
 1 file changed, 4 insertions(+)

diff --git a/roles/common/services/syncthing.nix b/roles/common/services/syncthing.nix
index e181fe7..9f191a1 100755
--- a/roles/common/services/syncthing.nix
+++ b/roles/common/services/syncthing.nix
@@ -62,4 +62,8 @@ in {
       };
     };
   };
+  networking.firewall = {
+    allowedTCPPorts = [22000];
+    allowedUDPPorts = [22000 21027];
+  };
 }